Solidbit Ransomware
The Solidbit ransomware is a newly discovered strain of file-encrypting malware.
Solidbit will encrypt most of the files found on the victim system, leaving files essential to the operation of Windows intact. However, documents, media files, archives and database files will be encrypted.
Once encryption of a file completes, the original file gets a new extension consisting of four random alphanumeric characters. This means that a file formerly called "document.docx" might turn into something like "document.docx.hdg9".
When the encryption process is finished, the Solidbit ransomware will drop its ransom note inside a file named "RESTORE-MY-FILES.txt". Along with this, a pop-up window is created and shown to the victim, informing them of the attack and offering an interface to contact the ransomware operator.
The full contents of the ransom note are as follows:
'***SOLIDBIT RANSOMWARE***
Аll оf уоur files аrе еncrуptеd bу SOLIDBIT rаnsоmwаrе and you cannot
decrypt it without our help. If you try to use any additional recovery software - the
files might be damaged, so if you are willing to try - try it on the data of the lowest value.
To make sure that we REALLY CAN recover data - we offer you to decrypt
samples. You can recover all your files safely and easily with us.
Download Tor Browser - hxxps://www.torproject.org/download/ and install it
Open the link below in Tor Browser and follow instructions on this page
hxxp://[alphanumeric string].onion/login
Decryption ID:'
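The indicators described above (the note filename, the appended four-character extension, and the note's opening line, which as quoted here mixes Cyrillic lookalike letters into Latin words) can be combined into a simple triage check. This is an added example, not code from the original page; the extension list, the `min_hits` threshold, the function names and the sample data are assumptions made for illustration.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

NOTE_NAME = "restore-my-files.txt"  # ransom note filename given on this page
# Assumed sample of document/media/archive/database extensions (not from the page).
USER_EXTS = {".docx", ".xlsx", ".pdf", ".jpg", ".mp4", ".zip", ".sql", ".mdb"}
APPENDED = re.compile(r"\.[A-Za-z0-9]{4}")  # appended suffix such as ".hdg9"
# Cyrillic letters that render like Latin ones (the quoted note mixes them in).
LOOKALIKES = str.maketrans("\u0410\u0430\u0435\u043e\u0440\u0441\u0443\u0445",
                           "Aaeopcyx")

def note_matches(text):
    """True if text carries the note's opening phrase after folding lookalikes."""
    return "encrypted by solidbit" in text.translate(LOOKALIKES).lower()

def triage(paths, min_hits=3):
    """Map each directory that holds the note and at least min_hits files
    shaped like name.<user ext>.<4 alphanumerics> to those file names."""
    notes, renamed = set(), defaultdict(list)
    for raw in paths:
        p = PureWindowsPath(raw)
        if p.name.lower() == NOTE_NAME:
            notes.add(p.parent)
        elif (len(p.suffixes) >= 2 and APPENDED.fullmatch(p.suffixes[-1])
              and p.suffixes[-2].lower() in USER_EXTS):
            renamed[p.parent].append(p.name)
    # Requiring the note in the same directory filters out ordinary backups
    # such as "schema.sql.bak1" that merely share the filename shape.
    return {str(d): sorted(f) for d, f in renamed.items()
            if d in notes and len(f) >= min_hits}

# Constructed sample listing and note line (not taken from a real incident).
SAMPLE_PATHS = [
    r"C:\Users\alice\Documents\RESTORE-MY-FILES.txt",
    r"C:\Users\alice\Documents\document.docx.hdg9",
    r"C:\Users\alice\Documents\budget.xlsx.k3p0",
    r"C:\Users\alice\Documents\scan.pdf.9xqa",
    r"C:\Users\alice\Documents\notes.txt",
    r"C:\Projects\build\release.zip.orig",
    r"C:\Projects\build\schema.sql.bak1",
]
SAMPLE_NOTE = ("\u0410ll \u043ef \u0443\u043eur files \u0430r\u0435 "
               "\u0435ncr\u0443pt\u0435d b\u0443 SOLIDBIT")

if __name__ == "__main__":
    print(triage(SAMPLE_PATHS))
    print(note_matches(SAMPLE_NOTE))
```

A plain substring search for the English phrase misses the note text because of the lookalike letters, which is why the check folds them before matching.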